TV Malware Can Listen to Your Home if You Aren’t Careful

This may not surprise many techies, as they’re inundated with technology that has microphones, but smart TVs are prime areas for malware that can spy on what you’re saying in your home. Android TVs are susceptible to that as well, as long as the users aren’t careful.

Posted on Tom’s Guide by someone oddly enough named Marshall, he explains how they were able to add spyware to a Sony TV running Android TV. From there, it was able to run an app in the background that continually listened to what people said. This takes advantage of the built-in microphone that comes with smart TV remotes and the voice recognition software that’s included in the operating system. This makes it easy to create a transcript of every conversation you have in that room.

There’s plenty of reasons why the average user shouldn’t be worried about this exploit. For one, these types of apps are not available on the Play Store. You’d have to manually enable the installation of apps from unknown sources, which isn’t something the average user would do. Then, the attacker would need a way to get you to install this app, something that isn’t easy regardless.

This exploit was shown to work on a European model of a Sony TV without a microphone in the remote, so researchers had to plug in a USB mike. Usually this would have to be done on a regular remote, and with Android’s new runtime permissions, apps would have to request the microphone. Of course, a rogue app would likely avoid this requirement with older APIs. Regardless, it’s now easy to disable permissions to apps and prevent malware from doing too much damage.

Still, with the advent of smarter technology and more sensors in our devices, it is important to be cognizant of what they can do and be smart about what security features they have.

Nick Felker is a student Electrical & Computer Engineering student at Rowan University (C/O 2017) and the student IEEE webmaster. When he's not studying, he is a software developer for the web and Android (Felker Tech). He has several open source projects on GitHub (http://github.com/fleker)
Devices: Moto G-2013 Moto G-2015, Moto 360, Google ADT-1, Nexus 7-2013 (x2), Lenovo Laptop, Custom Desktop.
Although he was an intern at Google, the content of this blog is entirely independent and his own thoughts.